QUESTION
Does a consumer reporting agency have any obligations regarding fraud
and active duty alerts? Also, as a lender, what procedures do we have to follow
if the credit bureau notifies us of existing fraud or an active duty alert?
ANSWER
Your first question requires an extensive response. However, I think a
brief statement can be helpful. The FCRA imposes various obligations on
consumer reporting agencies concerning fraud and active duty alerts. The
obligations include the requirement to notify prospective users of a consumer
report on a consumer who has placed an alert in his or her file that the
consumer does not authorize the establishment of a new credit plan or extension
of credit (other than under an existing open-end credit plan), unless the user
follows certain procedures set forth in the FCRA. [15 USC §§ 1681c-1,
1681c-2]
So, this leads to a brief outline of certain procedures. When a
consumer report reflects an existing initial fraud alert or active duty alert,
to establish a new credit plan or an extension of credit (other than under an
open-end plan) in the name of the consumer, or to grant any increase in the credit
limit on any existing credit account, the prospective user must:
2. If the consumer requesting the alert specified a telephone number to be
used for identity verification purposes, either:
a. Contact the consumer at the telephone number; or
b. Take reasonable steps to verify the consumer’s identity and confirm that the application for a new credit plan is not the result of identity theft. [15 USC § 1681c-1(h)(1)]
To handle procedures for when a consumer report
reflects an existing extended fraud alert, to establish a new credit plan or an
extension of credit (other than under an open-end plan) in the name of the
consumer, or to grant any increase in the credit limit on any existing credit
account, the prospective user must contact the consumer in person or use the
contact method designated by the consumer to confirm that the application for a
new credit plan or increase in credit limit is not the result of identity
theft. [15 USC §
1681c-1(h)(2)]
Jonathan Foxx, Ph.D., MBA
Managing Director
Lenders Compliance Group
